ConSentry updates LAN security software

ConSentry is announcing this week at the RSA Conference 2006 that its LAN-access protection appliance works with Cisco and Check Point schemes for scanning computers before they gain access to networks to make sure they are configured to meet security policies.

With a new release of Secure LAN Controller software, the ConSentry devices will support Cisco trust agent (CTA), which reads whether PCs are running updated anti-virus software from Network Associates, Symantec and Trend Micro. This is part of Cisco's Network Admission Control program to limit or deny network access to endpoints that flunk corporate configuration standards.

For an extra fee, ConSentry's 2.0 version of its LANShield software will also support Check Point's Integrity software that sends a Java agent to remote machines to scan for anti-virus software, critical patches, updated versions of programs and prohibited programs. It can deny access if the PC is found non-compliant. Support for Integrity in LANShield 2.0 costs $3,000 per appliance.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

ConSentry is announcing this week at the RSA Conference 2006 that its LAN-access protection appliance works with Cisco and Check Point schemes for scanning computers before they gain access to networks to make sure they are configured to meet security policies.

With a new release of Secure LAN Controller software, the ConSentry devices will support Cisco trust agent (CTA), which reads whether PCs are running updated anti-virus software from Network Associates, Symantec and Trend Micro. This is part of Cisco's Network Admission Control program to limit or deny network access to endpoints that flunk corporate configuration standards.

For an extra fee, ConSentry's 2.0 version of its LANShield software will also support Check Point's Integrity software that sends a Java agent to remote machines to scan for anti-virus software, critical patches, updated versions of programs and prohibited programs. It can deny access if the PC is found non-compliant. Support for Integrity in LANShield 2.0 costs $3,000 per appliance.

ConSentry devices already enforce detailed, per-user access control to individual network resources once a person and machine successfully log onto the network. Until this release, the devices authenticated users but didn't assess whether their machines were considered healthy.

Machines that don't have anti-virus running stand a greater risk of being infected and of spreading viruses once they log in to the network, says Steve Berg, director of information technology for video equipment vendor Omneon Video Networks in Sunnyvale, Calif. But it's difficult to know which machines are at risk. "Vendors come in and plug into our network and we have no idea what the current state of their machine is," he says. Omneon has installed a Secure LAN Controller and plans to turn it up to scan both company-owned and visitor machines, he says.